

Packet Protector
Packet Pushers
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, cloud security, pen testing and red/blue teaming, security hardware and software, and more. Whether security is your full-time job or one of your many responsibilities, Packet Protector is your go-to cybersecurity resource.

Mar 31, 2026 • 57min
PP103: FireMon Brings Clarity to Firewall Rule Chaos (Sponsored)
Firewall policies are the heart of network security, but over time they can become a tangled mess. Rules might be outdated, or conflicting, or fail to address new applications, services, and risks. Add in remote locations and public cloud deployments, and you’ve got a serious headache for security and network teams. On today’s sponsored show...

Mar 24, 2026 • 56min
PP102: What’s Driving SASE Adoption?
Spending on SASE, which combines SD-WAN and cloud-delivered security, is forecast to nearly triple over the next few years, according to Dell’Oro Group. Today on Packet Protector we talk with that forecast’s author about what’s driving that spending. We also explore how SASE vendors are differentiating, architectural considerations for SASE deployments, pros and cons of...

Mar 17, 2026 • 44min
PP101: Hackers Tap Intune to Wipe Windows Devices; Tricksters Trump E2E Encryption
On today’s news roundup we assess the White House’s new US cyber strategy (bellicose, bombastic, and boiler-plate), discuss a cyberattack attributed to Iran that used Windows to wipe thousands of devices, and dig into a Microsoft update on Entra passkeys. JJ isn’t impressed with new research that bypasses Wi-Fi client isolation, corporate spyware gets a...

Mar 10, 2026 • 43min
PP100: Building and Securing AI Agents – A Case Study
Kyler Middleton, a software engineer and DevOps lead who builds internal AI bots for healthcare, describes designing private Slack/Teams assistants and hosting models on AWS for data privacy. She discusses moving from bots to agentic AI with tool use, auditing and OAuth-backed authorization, cross-system workflows, logging and guardrails, and unexpected benefits like surfacing stale company docs.

Mar 3, 2026 • 53min
PP099: The Care and Feeding of Kerberos for Windows Environments
Today we’re going to learn about the care and feeding of a three-headed dog named Kerberos. Developed at MIT and released in 1989, Kerberos is a free, open source authentication protocol that uses cryptographic keys to protect identity data as it crosses a network. Today, Kerberos is the backbone of Windows authentication. We’ll dive into...

Feb 24, 2026 • 58min
PP098: What Goes On Inside a Firewall?
On today’s show, we pop the lid off of a firewall (figuratively speaking) to understand what’s inside. We talk about how a packet moves through various packet-processing elements inside a firewall, how header analysis and de-encapsulation work, which hardware component has the biggest impact on performance, why stateful inspection still matters in an age of...

Feb 17, 2026 • 44min
PP097: How and Why to Turn the Browser into a Universal Security Agent (Sponsored)
With the rise of cloud services and SaaS, the browser has become a primary productivity tool. It’s also a primary vector for malware, phishing, identity theft, data leaks, and other risks. On today’s sponsored episode with Palo Alto Networks, we dive into browser security. We discuss risks to the browser and how they differ from...

Feb 10, 2026 • 51min
PP096: Taking Note of a Notepad++ Attack; Telnet and NTLM Are Still a Thing?
A roundup of high-risk supply-chain and software compromises, including a Notepad++ hosting breach and remediation steps. Discussion of a decade-old Telnet exploit targeting internet-facing devices. Coverage of Microsoft’s multi-year plan to retire NTLM and migration suggestions. Reports on voice-phishing toolkits that relay MFA, shadow AI risks from unapproved tools, and exposed API tokens fueling attacks.

Feb 3, 2026 • 54min
PP095: OT and ICS – Where Digital and Physical Risks Meet
Sam Van Ryder, co-founder of CyberSec Community and Dragos strategic account lead, brings OT/ICS security and engineering chops. He discusses why industrial systems matter, how ransomware and nation-state actors target OT, the IT/OT convergence risks, and practical visibility, patching limits, and incident response approaches for physical-critical environments.

Jan 27, 2026 • 1h 10min
PP094: Understanding OAuth and Reducing Authorization Risks
OAuth is a widely used authorization (not authentication) protocol that lets a resource owner grant access to a resource using access tokens. These tokens define access attributes, including scope and length of time. OAuth can be used to grant access to human and non-human entities (for example, AI agents). OAuth is increasingly being abused by...


